General

  • Target

    64a80359bff8a5e94be61f23c125903b

  • Size

    256KB

  • Sample

    240118-grflyseeh5

  • MD5

    64a80359bff8a5e94be61f23c125903b

  • SHA1

    99eb53bcba202cfd17b6faf9eccb27eb77cff81a

  • SHA256

    3b8bf4df71917350d38daf2b4a17b68b05e1d9fa8e327b21b83275fe5dffd0be

  • SHA512

    2936025e4ec05210a61551be6e1a891c291dff70bfb71d68502e4963e2fbbb0c789b7fe35ef52ecb7654c35f80d7c45aa2162f9b7a0d7bb0731d9d943430f97e

  • SSDEEP

    6144:oawa9mjimYaQLHrhaYaQuWwkU/YoYaQLHrhaYaQ:oawRXY2YVJUbY2Y

Targets

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application
